Michael Dickson has been spreading the word about technology and business in the CPA community since the 1970s. In fact, he once described a company he founded as designed to bridge that gap between the two. For Dickson, whose career started in a large regional firm, it seems fitting that he has come back to a regional CPA firm this year, joining Plante Moran, the nation's fifteenth largest firm, this time, helping clients improve their computer security.
Like what you see? Click here to sign up for Accounting Today's daily newsletter to get the latest news and behind the scenes commentary you won't find anywhere else.
Security is a hot topic. MasterCard's acknowledgement this past summer that the security of some 70,000 cardholders' data had been breached served to reignite businesses' concerns over security risks. That concern has pushed the revenue of Southfield, Mich.-based firm up 50 percent in the last year, says Dickson.
"Those identity theft commercials from Citi-Bank have done more to increase public awareness. That's what's driving the growth," says Dickson, now a manager with the security team within firm's Technology Consulting Solutions Group.
Dickson, who is working with newly made partner Raj Patel, was brought on board to grow the business. The group's staff now numbers 12 and will rise as business is expected to double over the next three years.
The group's services encompass security gap analysis, risk assessment and network security assessment. The cost of such projects varies by the size and characteristics of the client. For example, a small business or limited scope security assessment such as a HIPAA GAP Analysis can cost less than $10,000; and top $100,000 for a multinational company. External testing of a company's secured data can range from $5,000 to $70,000.
"Companies requiring assistance with their 404 activities and health care organizations seeking assistance with HIPAA compliance are significant contributors to our practice at the present time," Dickson says. "Most of my work to date at Plante & Moran has been in healthcare, education and manufacturing."
The firm uses enterprise risk management applications based on COSO and COBIT in its security assessments. It has also created tools, methods, and reports internally to build customized control frameworks for clients that track design, review, and test procedures.
While the requirements of new regulation has spurred demand, it is the combined knowledge as a CPA and a technologist that helps solve client problems, and to appeal to new ones, Dickson feels. He not only has the Certified Information Technology Professional Credential from the American Institute of CPAs. He is chair of the CITP committee, and believes strongly in the credential's value.
"It allows me to talk with clients and prospective clients about general business and audit, combined with my specialized IT experience," Dickson says.
That knowledge came with a career that started at Crow Chizek in the late 1970s. In 1988, he became partner-in-charge of the Systems Consulting Group in Columbus, Ohio, for more than 10 years. In 2001, he founded the Business Technology Group, an organization that provided technology services to CPA firms. His increasing activity with technology led him to become chair of the Ohio CPA Society and currently a member of the AICPA's Executive Information Technology Committee.
He has also helped develop standards as president and CEO of SysTrust Services, and company that marketed services based on the AICPA's SysTrust program and he later become part owner of IdentiRisk, a Denver company that markets CPE courses about topics such as security and privacy.
SysTrust was designed to bring the same concepts of auditing systems to small and medium CPA firms that are available through the national offices of the large firms. Small firms "needed someone to connect the dots," he says.
While Dickson admits the concept has not worked as he wished, he still believes in its value. "My vision of empowering small and medium-size firms is still struggling," he says. "It was ahead of its time. It may still be ahead of its time."
Riccardo A. Davis is Associate Editor of Accounting Technology and can be reached at firstname.lastname@example.org